Vulnerability Details CVE-2006-4235
Buffer overflow in the import project functionality in Sony SonicStage Mastering Studio 1.1.00 through 2.2.01 allows remote attackers to execute arbitrary code via a crafted SMP file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.104
EPSS Ranking 93.1%
CVSS Severity
CVSS v2 Score 7.5
References
- http://kb.sony-europe.com/KB/Solutions/EN/V00000_V00499/v00244.html
- http://secunia.com/advisories/21510
- http://www.kb.cert.org/vuls/id/697761
- http://www.osvdb.org/27966
- http://www.pentest.co.uk/documents/ptl-2006-01.html
- http://www.securityfocus.com/bid/19558
- http://www.vupen.com/english/advisories/2006/3286
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28421
- http://kb.sony-europe.com/KB/Solutions/EN/V00000_V00499/v00244.html
- http://secunia.com/advisories/21510
- http://www.kb.cert.org/vuls/id/697761
- http://www.osvdb.org/27966
- http://www.pentest.co.uk/documents/ptl-2006-01.html
- http://www.securityfocus.com/bid/19558
- http://www.vupen.com/english/advisories/2006/3286
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28421
Products affected by CVE-2006-4235
-
cpe:2.3:a:sony:sonicstage_mastering_studio:1.1.00
-
cpe:2.3:a:sony:sonicstage_mastering_studio:1.2.00
-
cpe:2.3:a:sony:sonicstage_mastering_studio:1.2.01
-
cpe:2.3:a:sony:sonicstage_mastering_studio:1.2.02
-
cpe:2.3:a:sony:sonicstage_mastering_studio:1.3.00
-
cpe:2.3:a:sony:sonicstage_mastering_studio:1.4.00
-
cpe:2.3:a:sony:sonicstage_mastering_studio:1.4.01
-
cpe:2.3:a:sony:sonicstage_mastering_studio:1.4.02
-
cpe:2.3:a:sony:sonicstage_mastering_studio:1.4.03
-
cpe:2.3:a:sony:sonicstage_mastering_studio:2.0.00
-
cpe:2.3:a:sony:sonicstage_mastering_studio:2.1.00
-
cpe:2.3:a:sony:sonicstage_mastering_studio:2.1.01
-
cpe:2.3:a:sony:sonicstage_mastering_studio:2.2.01